This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:todd_miller:sudo:1.6.4p1
Detail
VendorTodd_MillerFirst view 2002-05-16
ProductSudoLast view 2011-01-20
Version1.6.4p1TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:todd_miller:sudo

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
6.9 2011-01-20 CVE-2011-0008 Local Medium None Requ...
6.2 2010-06-07 CVE-2010-1646 Local High None Requ...
6.2 2007-08-13 CVE-2007-4305 Local High None Requ...
4.6 2005-10-25 CVE-2005-2959 Local Low None Requ...
7.2 2002-05-16 CVE-2002-0184 Local Low None Requ...

CWE : Common Weakness Enumeration

%idName
100% (2)CWE-264Permissions, Privileges, and Access Controls

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-3Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-6Argument Injection
CAPEC-15Command Delimiters
CAPEC-18Embedding Scripts in Nonscript Elements
CAPEC-43Exploiting Multiple Input Interpretation Layers
Hide | Show 9 More...
idName
CAPEC-47Buffer Overflow via Parameter Expansion
CAPEC-63Simple Script Injection
CAPEC-71Using Unicode Encoding to Bypass Validation Logic
CAPEC-73User-Controlled Filename
CAPEC-85Client Network Footprinting (using AJAX/XSS)
CAPEC-86Embedding Script (XSS ) in HTTP Headers
CAPEC-100Overflow Buffers
CAPEC-123Buffer Attacks
CAPEC-163Spear Phishing

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:7338VMware ESX, Service Console update for sudo.
oval:org.mitre.oval:def:22140RHSA-2010:0475: sudo security update (Moderate)
oval:org.mitre.oval:def:13622DSA-2062-1 sudo -- missing input sanitisation
oval:org.mitre.oval:def:12909USN-956-1 -- sudo vulnerability
oval:org.mitre.oval:def:11784DSA-2062 sudo -- missing input sanitisation
Hide | Show 2 More...
idName
oval:org.mitre.oval:def:10580The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 thr...
oval:org.mitre.oval:def:22995ELSA-2010:0475: sudo security update (Moderate)

Open Source Vulnerability Database (OSVDB)

idDescription
65083sudo env.c secure path Restrictions Bypass Arbitrary File Execution
51736sudo parse.c System Group Interpretation Local Privilege Escalation
39589Multiple BSD Systrace Sysjail Policies Race Condition Access Control Policy B...
39588Multiple BSD Sudo Monitor Mode Race Condition Access Control Policy Bypass
20303Sudo Environment Variable Manipulation Local Privilege Escalation
Hide | Show 1 More...
idDescription
5344sudo -p Option Local Overflow

OpenVAS Exploits

idDescription
2011-08-09Name : CentOS Update for sudo CESA-2010:0475 centos5 i386
File : nvt/gb_CESA-2010_0475_sudo_centos5_i386.nasl
2011-03-09Name : Gentoo Security Advisory GLSA 201009-03 (sudo)
File : nvt/glsa_201009_03.nasl
2011-01-24Name : Mandriva Update for sudo MDVSA-2011:018 (sudo)
File : nvt/gb_mandriva_MDVSA_2011_018.nasl
2011-01-24Name : Fedora Update for sudo FEDORA-2011-0455
File : nvt/gb_fedora_2011_0455_sudo_fc13.nasl
2011-01-21Name : Fedora Update for sudo FEDORA-2011-0470
File : nvt/gb_fedora_2011_0470_sudo_fc14.nasl
Hide | Show 12 More...
idDescription
2010-07-06Name : Debian Security Advisory DSA 2062-1 (sudo)
File : nvt/deb_2062_1.nasl
2010-07-02Name : Ubuntu Update for sudo vulnerability USN-956-1
File : nvt/gb_ubuntu_USN_956_1.nasl
2010-06-25Name : Fedora Update for sudo FEDORA-2010-9415
File : nvt/gb_fedora_2010_9415_sudo_fc12.nasl
2010-06-25Name : Fedora Update for sudo FEDORA-2010-9417
File : nvt/gb_fedora_2010_9417_sudo_fc11.nasl
2010-06-18Name : Mandriva Update for sudo MDVSA-2010:118 (sudo)
File : nvt/gb_mandriva_MDVSA_2010_118.nasl
2010-06-18Name : Fedora Update for sudo FEDORA-2010-9402
File : nvt/gb_fedora_2010_9402_sudo_fc13.nasl
2010-06-18Name : RedHat Update for sudo RHSA-2010:0475-01
File : nvt/gb_RHSA-2010_0475-01_sudo.nasl
2010-06-03Name : FreeBSD Ports: sudo
File : nvt/freebsd_sudo7.nasl
2009-11-17Name : Mac OS X Version
File : nvt/macosx_version.nasl
2008-09-04Name : FreeBSD Ports: sudo
File : nvt/freebsd_sudo3.nasl
2008-01-17Name : Debian Security Advisory DSA 128-1 (sudo)
File : nvt/deb_128_1.nasl
2008-01-17Name : Debian Security Advisory DSA 870-1 (sudo)
File : nvt/deb_870_1.nasl

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_sudo-110114.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2010-0475.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2009-0267.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing a security update.
File : sl_20100615_sudo_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2011-05-05Name : The remote openSUSE host is missing a security update.
File : suse_11_2_sudo-110114.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2011-01-28Name : The remote Mandriva Linux host is missing a security update.
File : mandriva_MDVSA-2011-018.nasl - Type : ACT_GATHER_INFO
2011-01-24Name : The remote Fedora host is missing a security update.
File : fedora_2011-0455.nasl - Type : ACT_GATHER_INFO
2011-01-19Name : The remote Fedora host is missing a security update.
File : fedora_2011-0470.nasl - Type : ACT_GATHER_INFO
2010-10-04Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2010-0015.nasl - Type : ACT_GATHER_INFO
2010-09-08Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201009-03.nasl - Type : ACT_GATHER_INFO
2010-07-01Name : The remote Fedora host is missing a security update.
File : fedora_2010-9402.nasl - Type : ACT_GATHER_INFO
2010-07-01Name : The remote Fedora host is missing a security update.
File : fedora_2010-9415.nasl - Type : ACT_GATHER_INFO
2010-07-01Name : The remote Fedora host is missing a security update.
File : fedora_2010-9417.nasl - Type : ACT_GATHER_INFO
2010-07-01Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-956-1.nasl - Type : ACT_GATHER_INFO
2010-06-21Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2062.nasl - Type : ACT_GATHER_INFO
2010-06-18Name : The remote Mandriva Linux host is missing a security update.
File : mandriva_MDVSA-2010-118.nasl - Type : ACT_GATHER_INFO
2010-06-17Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2010-0475.nasl - Type : ACT_GATHER_INFO
2010-06-16Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2010-0475.nasl - Type : ACT_GATHER_INFO
2010-06-03Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_d42e5b666ea011df9c8d00e0815b8da8.nasl - Type : ACT_GATHER_INFO
2009-04-23Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-722-1.nasl - Type : ACT_GATHER_INFO
2009-02-06Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2009-0267.nasl - Type : ACT_GATHER_INFO
2007-03-13Name : The remote host is missing a Mac OS X update which fixes a security issue.
File : macosx_10_4_9.nasl - Type : ACT_GATHER_INFO
2006-10-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-870.nasl - Type : ACT_GATHER_INFO
2006-05-13Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_1b7250799ef611dab410000e0c2e438a.nasl - Type : ACT_GATHER_INFO
2006-01-15Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-213-1.nasl - Type : ACT_GATHER_INFO